Easiest way I found was to edit /etc/pam.d/system-auth which will add it to everything. Add: Auth sufficient /lib/security/pam_winbind.so (I had it be the second one listed after pam_env Then add "use_first_pass" (no quotes) on the end of the pam_unix line (otherwise it prompts 3 times for password) Add: Account required /lib/security/pam_winbind.so (I added after pam_unix)
This one is the trick, only need it if you're going to have people logging into unix with their windows account: ADD: Session required /lib/security/pam_mkhomedir.so skel=/etc/skel umask=022 It still gives a "too many parameters" error when you login, but it does work, I just haven't had enough motivation to figure out what causes that error. Also make sure and make a directory in your /home named the same as your domain, otherwise it can't create the user directories and will pop an error when you try to login with a windows account. -----Original Message----- From: Bill Town [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 6:28 PM To: Blanchard, Michael Subject: Samba w/ winbindd Michael- I am new to configuring PAM and given that you have some success with it, can you send me your /etc/pam.d/ conf files (or examples). I am running RH 7.2 with Samba (and winbind) 2.2.3a. Thanks for any help in advance. Cheers, -Bill ----- Original Message ----- From: "Blanchard, Michael" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, March 08, 2002 6:47 PM Subject: [Samba] Samba in a Win2000 / NT Enterprise > Winbind has been in use here for almost a month and I've had no > problem. I would suggest first off upgrading to 2.2.3. Just do an rpm > -e samba-client and samba-common first so you clear up the > dependencies. Then go to samba.org and read the documentation for > winbind. It's actually pretty easy to do, and has been working really > well over here. There isn't anything as cool as sitting in front of a > linux computer and logging in with "ops+username" :) You have to add > about 7 lines of winbind-specific stuff into you smb.conf file, but > that's all availible on the samba.org webpage. ---- Bill Town Kontiki, Inc. Voice: 650.625.3065 Fax: 650.623.0142 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba